Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".


Using a TZ300 with Comcast Failover

I'm getting back into SonicWall firewalls after a loooong absence so forgive me for not remembering all these details. Customer has a TZ300-wirelessAC firewall and the firmware is SonicOS Enhanced-

Port X0 is his internal LAN. Port X1 is his WAN (static IP) to a Comcast Business cable modem in bridge mode.

The customer took it upon himself to renew his Comcast contract, and of course they talked him into a bundle of some sort. We believe his services will all remain the same (phone is mixed into this as well), and I believe there is the addition of some form of Comcast failover device... I believe it is Comcast Connection Pro which provides a 4GLTE connection for redundancy. He's also probably getting an upgraded cable modem. I have zero confidence the "installation" will go smoothly.

Can I plug the Connection Pro failover device into Port X2 and somehow configure the SonicWall to use it only if Internet access is lost on Port X1?

Category: Entry Level Firewalls


  • Options
    shiprasahu93shiprasahu93 Moderator
    edited November 2020

    Hello @mmontanaro,

    Yes, I would suggest to connect that device on X2 and then create a static route to send traffic to the internet from a test machine. If the test machine works fine, we know that the failover device is working correctly.


    Shipra Sahu

    Technical Support Advisor, Premier Services

  • Options

    OK- so that would be a good test... but I'm not sure how the Connection Pro device connects to the whole system... how does it know the primary internet connection is down? My understanding is it only activates during an outage (although still researching this) and the switch ports on the back of the device only provide DHCP and will not support static IP's (finding out more information as I go).

    I believe it is supposed to connect "in line" between the cable modem and LAN- but info seems sketchy on this. I take it the Comcast tech's know how to connect it to the network, but they tend to know how to wire things, not the internal workings. I believe they are also going to assume that the cable modem is acting as the core router, which is not the case here.

    Trying to head off problems and down-time for my customer.

  • Options

    Well, I can certainly tell how to test the internet connectivity through a specific port of the firewall but without help from Comcast, there are a lot of unknown factors at play here.

    Is there no way to get more info from Comcast to help us plan this better?


    Shipra Sahu

    Technical Support Advisor, Premier Services

  • Options

    LOL, good one. I'm finding that the device they use is made by Cradlepoint, but until the installation I do not even know what model device they are installing. I'll have to give them a call and see if they can give me more information. Hopefully they'll be helpful and understand what I'm asking.

  • Options
    AjishlalAjishlal Community Legend ✭✭✭✭✭

    Hi @mmontanaro ,

    After plug the X2 (Failover device) configure the Failover & LB in sonicwall. The secondary WAN port can be used in a simple “active/passive” setup to allow traffic to be only routed through the secondary WAN port if the Primary WAN port is unavailable. This allows the SonicWALL to maintain a persistent connection for WAN port traffic by “failing over” to the secondary WAN port.

    After configure the Failover & LB, It will show the link status & LB status and you can identify the Secondary (X2) WAN port will do the failover if Primary WAN port lost the connection.

    Basic Failover: Interface Ordering:

    Round Robin: Interface Pool:

    Spill-over: Primary/Alt. Pool:

    Ratio: Interface Distribution:

Sign In or Register to comment.